We got hit with this Trojan on Monday the 20th before it was included in the dat files. We have noticed that it only affects network shares or devices attached to the PC. Basically, any drive except C:\. The link files created are not detected in a scan, but will infect the system if someone clicks on them. To see if you have the lnk files, type dir *.*.lnk /s/p and look for recently created files (mostly at the same time). We ended up manually deleting the link files through the command prompt (del *.*.lnk /s). You will also want to unhide the real files (attrib –h /s). Removing the network shares, external drives, usb drives, etc. will also help you control the situation. We used Norton Power Eraser before the dat files were updated. It seems however now that we had some infection in exe and dll files. We decided to reformat and install from a clean backup. By looking at the owner of one of these files, it appears to show the user that started the infection.

1. Press CTRL+ALT+DELETE to open the Windows Task Manager. Then stop all the Trojan.Shylock.B processes.
2. Click on the Processes tab, search for Trojan.Shylock.B process, then right-click it and select End Process key.
3. Click Start button and select Run. Type regedit into the box and click OK to proceed.
4. Once the Registry Editor is open, search for the registry key “HKEY_LOCAL_MACHINE\Software\Trojan.Shylock.B.” Right-click this registry key and select Delete.
5. Search for file like %PROGRAM_FILES%\Trojan.Shylock.B. and delete it manually.
6. Search for file like c:\Documents and Settings\All Users\Start Menu\Trojan.Shylock.B\ and delete it manually
7. Search for file like c:\Documents and Settings\All Users\Trojan.Shylock.B\ and delete it manually

However, please note that manual removal of Trojan.Shylock.B is a time-taking process. Moreover, it does not always ensure full removal of Trojan.Shylock.B infection due to the fact that

certain files might be hidden or even may be restored automatically after you restart your computer. In addition, such a manual interference might damage the Computer.